Do passphrases protect against leaks or compromises of mnemonic seed words? Why are brain wallets usually insecure? Why should you not “roll your own crypto” and promote creative schemes that deviate from the standards (like BIP39), without at least getting peer review and testing from other developers, cryptographers, or security researchers?
See the documentation and support pages of various hardware wallets for more information:
Trezor – https://doc.satoshilabs.com/trezor-faq/overview.html https://blog.trezor.io/using-advanced-recovery-on-trezor-4af0eb53c3bb
Ledger Nano S – https://support.ledgerwallet.com/hc/en-us/articles/360000613793-Initialize-your-device
Ledger Blue – https://support.ledgerwallet.com/hc/en-us/articles/360005835414-Initialize-your-device
KeepKey – https://help.keepkey.com/start-here/initialize-your-keepkey https://help.keepkey.com/how-to-guides/how-to-recover-your-keepkey
On the topic of inheritance and estate planning, see: https://youtu.be/4g8rO_queMw
These questions are from the August monthly Patreon Q&A session, which took place (late) on September 1st 2018. If you want early-access to talks and a chance to participate in the monthly live Q&As with Andreas, become a patron: https://www.patreon.com/aantonop
RELATED:
How do I choose a wallet? – https://youtu.be/tN6b62sEpsY
Secure, tiered storage system – https://youtu.be/uYIVuZgN95M
Hardware wallets and attack surface – https://youtu.be/8mpDcBfNA7g
Setting up secure storage devices – https://youtu.be/wZ9LxLLvfXc
What is a private key? – https://youtu.be/xxfUpIV9wRI
How do mnemonic seeds work? – https://youtu.be/wWCIQFNf_8g
Using paper wallets – https://youtu.be/cKehFazo8Pw
Wallet design and mass adoption – https://youtu.be/WbZX6BDZJHc
Cryptographic primitives – https://youtu.be/RIckQ6RBt5E
Public keys vs. addresses – https://youtu.be/8es3qQWkEiU
Re-using addresses – https://youtu.be/4A3urPFkx8g
Coin selection and privacy – https://youtu.be/3Ck683CQGAQ
Multi-signature and distributed storage – https://youtu.be/cAP2u6w_1-k
Nonces, mining, and quantum computing – https://youtu.be/d4xXJh677J0
Software distribution security – https://youtu.be/_V0vqy046YM
Protocol development security – https://youtu.be/4fsL5XWsTJ4
Geopolitics and state-sponsored attacks – https://youtu.be/htxPRTJLK-k
How to get people to care about security – https://youtu.be/Ji1lS9NMz1E
Honest nodes and consensus – https://youtu.be/KAhY2ymI-tg
Why running a node is important – https://youtu.be/oX0Yrv-6jVs
Andreas M. Antonopoulos is a technologist and serial entrepreneur who has become one of the most well-known and respected figures in bitcoin.
Follow on Twitter: @aantonop https://twitter.com/aantonop
Website: https://antonopoulos.com/
He is the author of two books: “Mastering Bitcoin,” published by O’Reilly Media and considered the best technical guide to bitcoin; “The Internet of Money,” a book about why bitcoin matters.
THE INTERNET OF MONEY, v1: https://www.amazon.co.uk/Internet-Money-collection-Andreas-Antonopoulos/dp/1537000454/ref=asap_bc?ie=UTF8
[NEW] THE INTERNET OF MONEY, v2: https://www.amazon.com/Internet-Money-Andreas-M-Antonopoulos/dp/194791006X/ref=asap_bc?ie=UTF8
MASTERING BITCOIN: https://www.amazon.co.uk/Mastering-Bitcoin-Unlocking-Digital-Cryptocurrencies/dp/1449374042
[NEW] MASTERING BITCOIN, 2nd Edition: https://www.amazon.com/Mastering-Bitcoin-Programming-Open-Blockchain/dp/1491954388
Translations of MASTERING BITCOIN: https://bitcoinbook.info/translations-of-mastering-bitcoin/
Subscribe to the channel to learn more about Bitcoin & open blockchains!
Music: “Unbounded” by Orfan (https://www.facebook.com/Orfan/)
Outro Graphics: Phneep (http://www.phneep.com/)
Outro Art: Rock Barcellos (http://www.rockincomics.com.br/)
Thanks for the video!
bcrypt was designed to be slow such that a hacker must wait a long time to decrypt and thus makes a hack even much less profitable over billions of iterations.
10:55 "erased it from the web" ha ha ha ha ha ha ha!
0:00
AWESOME! GOOD TO KNOW! 2048^24 + PASSPHRASE, MAGIC!
I disagree with Andreas here. If the passphrase is cryptographically strong, i.e. 128 to 256 bits of entropy, then publishing the seed does not compromise the security. A 256 bits of entropy seed plus a 256 bits of entropy passphrase yields you a 512 bits of entropy. Giving up 256 bits (the seed) leaves you with 256 bits (the passphrase) and you're still good. In other words: A published 24-seed + 256 bits passphrase is equal to a 24-seed without a passphrase. Both have 256 bits of entropy.
Ideally, one would use a 24-word-seed and a differently created 128+ bits passphrase (like a 12+ word diceware passphrase) and of course keep both secure and offline. The advantage is, should it turn out that the RNG of the hardware used was weak, you at least have the entropy of the passphrase, which is enough if it's 128+ bits.
Also: @8:20
128 bits of entropy is also unbruteforceable. In practical terms, there's no security difference between 256 and 128 bits of entropy, even less when key stretching is applied. Most wallets use a 12 word seed, which equals "only" 128 bits of entropy, anyway.
Change my mind.
PS: But that being said: don't fucking invent your own crypto.
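The arithmetic behind the entropy figures discussed in the comments, as an added example (not from the video or from any commenter). It derives a BIP39 seed with the standard PBKDF2-HMAC-SHA512 construction and estimates how much guessing work remains when only the passphrase is secret; the function names are hypothetical and the 7776-word list size is the usual diceware list.

```python
import hashlib
import math
import unicodedata

BIP39_ROUNDS = 2048  # PBKDF2 iteration count fixed by BIP39

# Published BIP39 test-vector mnemonic (all-zero entropy); never fund it.
VECTOR = ("abandon " * 11 + "about")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, salt = "mnemonic" + passphrase."""
    nfkd = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", nfkd(mnemonic),
                               nfkd("mnemonic" + passphrase),
                               BIP39_ROUNDS, dklen=64)


def mnemonic_entropy_bits(words: int) -> int:
    """Each word encodes 11 bits; 1 bit in every 33 is checksum."""
    total = words * 11
    return total - total // 33


def wordlist_entropy_bits(words: int, list_size: int) -> float:
    """Entropy of `words` picked uniformly at random from a list."""
    return words * math.log2(list_size)


def guess_work_bits(secret_bits: float) -> float:
    """log2 of HMAC-SHA512 calls needed to try every candidate secret."""
    return secret_bits + math.log2(BIP39_ROUNDS)


if __name__ == "__main__":
    # Any passphrase yields a valid, unrelated seed; there is no "wrong" one.
    for pp in ("", "TREZOR"):
        print(repr(pp), bip39_seed(VECTOR, pp).hex()[:16])
    print("12-word mnemonic:", mnemonic_entropy_bits(12), "bits")
    print("24-word mnemonic:", mnemonic_entropy_bits(24), "bits")
    # If the mnemonic is public, only the passphrase is left to guess.
    for label, bits in (("1 diceware word", wordlist_entropy_bits(1, 7776)),
                        ("12 diceware words", wordlist_entropy_bits(12, 7776))):
        print(f"{label}: {bits:.1f} bits, ~2^{guess_work_bits(bits):.1f} HMAC calls")
```

The 2048 rounds add only 11 bits of work per guess, so the passphrase's own randomness, not the stretching, decides whether a leaked mnemonic stays safe.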
11:40 how to
But half a seed representing 128 bits is still more than enough, isn't it?
You just said, seeds are 12 to 24 words. So half of a 24 word should still be plenty secure?
It's curious because at Honeybadger 2018 the Trezor dev said the same thing so you are probably correct. But why?
Can you tell me, let's say I keep my 24 word key secure and add a word for my passphrase. How secure would that second wallet be? Assuming they don't assume a 25th passphrase and they don't have the 24 word seed?
WRONG – many wallets use 12 seed-words, like Trezor T, so I wonder why AA *really* tried to emphasize that ???…
12:50 password different from seed
Hi Andreas! Can you please cover the current bug report:
https://bitcoincore.org/en/2018/09/20/notice/
It's hard to understand what this actually means today.
Does this bug mean that today some malicious miner that didn't update can print new bitcoin?
Secondly, if someone does create additional bitcoin than is supposed to be made… is there a way to tell that it's in the system?
Love the foreground and background. Much nicer to watch.
Using quantum grammar in your titles,!? Nice touch A,?
"Your money's gone…" LOL. "Don't roll your own crypto"
Andreas are there any hardware wallets you would recommend?
The channel named Crypo's Price Forecast mirrors your content and monetizes it by selling ads.
Can you steelman Bitcoin Cash then explain why it's either: a scam, an attack or otherwise illegitimate or inferior to Bitcoin?
I used Shamir's Secret Sharing to cut my seed into a 3 of 5 that is distributed in different locations. What is your opinion on that?
You're the dagger, Andreas
So does this mean that using the 12 word seed with the Trezor Model T is significantly less secure than a Trezor One with a 24-word seed? The Model T only allows for generating a 12 word seed (via GUI) so it would seem Trezor's new product is a bad purchase unless you have an existing 24-word seed you can input? If I have a Ledger Nano S should I just generate the seed on there and then input that into the Trezor Model T or is that not advisable in case Ledger has an unknown vulnerability which would essentially make it like putting all your eggs in one basket?
Ledgers do not have passphrases…hmmm…
Andreas, I like the laid back camera angle. Nice
I feel safe. Brain wallet random. Password 600+bits.
Oh, my bad. That's for my hot wallet. Not cold.
Thank you Andreas…..
watched liked & shared = true
Greetings from Africa Kenya
So far no trolling the new set up.
What about the BitFi wallet? How to store or protect funds that need to be used regularly for trading, etc.?
Would you review Abra wallet one day? 13 words (+ a phone number to create / recover the wallet)
Aaaaand once again my brain expanded a little because I listened to you. Thank you for remaining a class act in a sector that seems to grow more phonies everyday.
How many rounds of key stretching do hardware wallets use?
Hi Andreas, would it be safe to mix 6 random words (that you have memorized) into your 24 seed words, and then make it public (so you will never lose it)?
Where can I submit questions?
ANDREAS, YOU ARE WONDERFUL
It's ok, Andreas, I devised my own infallible scheme! I'll post my passphrase, and my mnemonic seed online, but I'll post each one with a different account. The seed with jondoe07, and the passphrase with jondoe08. Then no one will be the wiser!
Smashed the like
OCT. 1 IS COMING!! Q4= FRESH MONEY FOR BTC!!
We need clones of Andreas to replace a lot of the other so called crypto "experts" You are a much needed voice in this space, Thank you Andreas.
My question would be: if BIP39 is a standard, isn't it subjected to the standardized attack vector? So a hacker only needs to break BIP39 and has the ability to attack all wallets in existence.
yeeeyyy Andreas with a new setup ^^
I memorize my words with a story. (memory hack) my phrase was never online
Oh lovely, some fresh content. Big things happening in crypto over here in Liechtenstein, let me know if you want to visit!